def change_user_password(form): """ Function that takes care of changing the user password in ADSClassic """ old_password, new_password = form.old_password.data, form.new_password.data try: classic_user = update_classic_password(current_user.get_username(), old_password, new_password) except TypeError: app.logger.error( "ADS Classic account modification error: getting wrong json structure back. Tried to update password for user: %s" % current_user.get_username() ) return False, "Problems in the password update. Please try later.", "error" if classic_user and classic_user.get("message") == "ACCOUNT_UPDATED": return True, "Password successfully updated.", "success" elif classic_user and classic_user.get("message") == "WRONG_PASSWORD": app.logger.error( "ADS Classic account modification error: wrong old password used. Tried to update password: login %s" % current_user.get_username() ) return False, "The current password is wrong. Please try again.", "error" else: app.logger.error( "ADS Classic account modification error: return message not expected. Tried to update password: login %s" % current_user.get_username() ) return False, "Problems in the account modification. Please try again.", "error"
def friends(): if request.method == "POST": formtype = request.form.get('type') if formtype == "del": remove_friends = request.form.getlist('delfriends[]') flask_redis.srem(current_user.get_username() + "-friends", *remove_friends) elif formtype == "add": add_friend = request.form.get('uun') #if(re.match("^[A-Za-z]+\ [A-Za-z]+$", add_friend) == None): # raise APIError("Friend name expected in [A-z]+\ [A-z]+ form.", status_code=400) flask_redis.sadd(current_user.get_username() + "-friends", add_friend) friends = get_friends() friends = map(lambda p: ("%s (%s)" % (p[0], p[1]), p[1]), friends) friends = sorted(friends, key=lambda s: s[0].lower()) return jsonify(friendList=friends) #Set up for ajax responses
def activate_user_new_email(form): """ Function that takes care of updating the email address that is also the username """ activation_code, curpassword = form.id.data, form.password.data # create an itsdangerous object to un sign the verification code and decrypt the password itsd = URLSafeSerializer(config.ACCOUNT_VERIFICATION_SECRET) # decrypt the activation code try: logins = itsd.loads(activation_code) except BadSignature: app.logger.error("Activation code not valid. Code used: %s" % activation_code) return False, "Activation Code not valid.", "error" emails = logins.split("||") if len(emails) != 2: app.logger.error("Number of emails in the activation code not valid. Code used: %s" % activation_code) return False, "Activation Code not valid.", "error" new_login, old_login = emails # if the current user is the right one if current_user.get_username() != old_login: return False, "Please activate the new email with the correct account", "error" else: # update ads classic try: classic_user = update_classic_username(old_login, new_login, curpassword) except TypeError: app.logger.error( "ADS Classic account modification error. Tried to update email: old %s, new %s" % (old_login, new_login) ) return False, "Problems in the account modification. Please try later.", "error" if classic_user and classic_user.get("message") == "ACCOUNT_UPDATED": loc_db_user = AdsUserRecord.query.filter(AdsUserRecord.username == old_login) # @UndefinedVariable loc_db_user.add_to_set("alternate_usernames", old_login).set(username=new_login).execute() return ( True, "The username %s is now active and should be used from now on to login to this account." % new_login, "success", ) elif classic_user and classic_user.get("message") == "WRONG_PASSWORD": app.logger.error( "ADS Classic account modification error: wrong old password used. Tried to update email: old %s, new %s" % (old_login, new_login) ) return False, "The current password is wrong. Please try again.", "error" else: app.logger.error( "ADS Classic account modification error: return message not expected: Tried to update email: old %s, new %s" % (old_login, new_login) ) return False, "Problems in the account modification. Please try again.", "error"
def get_friends(): friends = flask_redis.smembers(current_user.get_username() + "-friends") friends = list(friends) with ldap.conn() as ldap_conn: friend_names = ldap.get_names_bare(friends, ldap_conn) for i in range(len(friends)): uun = friends[i] friend = uun if uun in friend_names: friend = friend_names[uun] friends[i] = (friend, uun) return friends
def reauth(): """ User re authentication view """ app.logger.debug('User reauth') form = ReauthForm(next=request.args.get('next', None)) #if the login is fresh there is no need to re-authenticate if login_fresh(): return redirect(generate_redirect_url(next_=form.next.data)) if form.validate_on_submit(): user, authenticated = authenticate(current_user.get_username(), form.password.data) if user and authenticated: user.set_last_signon() confirm_login() return redirect(generate_redirect_url(next_=form.next.data)) else: flash('Sorry, invalid login parameters', 'error') return render_template('reauth.html', form=form)
def results(): if not current_user.get_current_session(): return redirect(url_for('root')) assignment_id = current_user.get_current_assignment_id() submit_base = current_user.get_submit_to() if submit_base: submit_to = os.path.join(current_user.get_submit_to(), 'mturk/externalSubmit') else: submit_to = '/' current_user.finish_session() worker_id = current_user.get_username() # try: # qualification_score = mtc.get_qualification_score(QUALIFICATION_ID, worker_id) # mtc.update_qualification_score(QUALIFICATION_ID, worker_id, qualification_score+1) # except: # pass if QUIZ: scores = current_user.get_scores() corrects = [s[0] for s in scores] if len(corrects) > 1: diffbest = corrects[-1] - max(corrects[:-1]) diff = abs(diffbest) diffsign = get_diffsign(diffbest) else: diffsign = 'equal' diff = 0 return render_template( 'results.html', quiz=True, diffsign=diffsign, diff=diff, sesscount=len(corrects), assignment_id=assignment_id, submit_to=submit_to) else: return render_template( 'results.html', quiz=False, assignment_id=assignment_id, submit_to=submit_to)
def change_user_settings(form): """ Function that checks the current params against the submitted ones and changes them in case are different. If the email is different a confirmation email is sent before proceeding """ #check if name and lastname need to be changed name = lastname = login = '' if form.name.data != current_user.user_rec.firstname: name = form.name.data if form.lastname.data != current_user.user_rec.lastname: lastname = form.lastname.data if form.login.data != current_user.user_rec.username: login = form.login.data #if the user submitted a form with no changes there is nothing to do if not (name or lastname or login): app.logger.debug('The user submitted a form with no changes.') return False, 'Settings not changed. Please modify some settings to change them.', 'warning' #check if the login is already used: if so throw an error unless it is from the same if login: user_rec = AdsUserRecord.query.filter((AdsUserRecord.alternate_usernames == login).or_(AdsUserRecord.username == login)).first() #@UndefinedVariable if user_rec and (user_rec.cookie_id != current_user.get_id()) : return False, 'email address already taken by other user.', 'error' #check if the user already exists in classic and has another cookie if login_exists_classic(login): classic_user = get_classic_user(login) if classic_user.get('cookie') != current_user.get_id(): app.logger.error('User tried to use change his login using one belonging to other user. User login: %s; other user login: %s ' % (current_user.get_username(), login)) return False, 'email address already taken by other user.', 'error' #send the confirmation email #create an itsdangerous object to sign the verification email itsd = URLSafeSerializer(config.ACCOUNT_VERIFICATION_SECRET) #send the confirmation email act_code = itsd.dumps('%s||%s' % (login, current_user.user_rec.username)) message_html = """<h3>Please confirm your new email address</h3> <p>Your activation code is <strong>%(code)s</strong></p> <p>To activate your account, please click <a href="%(act_url)s">here</a></p> <p>If the link doesn't work, please copy the following URL and paste it in your browser:<br/>%(act_url)s</p> <p>Please do not replay to this email: to contact us please use our <a href="%(feedb_url)s">feedback form</a></p> <p>Regards,<br/>The ADS team</p> """ % {'code':act_code, 'act_url': '%s%s?id=%s' % (config.MAIL_CONTENT_REDIRECT_BASE_URL, url_for('user.activate_new_email'), act_code), 'feedb_url' : '%s%s'%(config.MAIL_CONTENT_REDIRECT_BASE_URL, url_for('feedback.feedback')) } try: send_email_to_user(u"NASA ADS: confirmation required for login update", message_html, [login]) except: app.logger.error('Failed to send confirmation email for user settings modification.') return False, 'There are some technical problems: please try later.', 'error' #if name or lastname have changed, submit the changes to the classic ads and update the local database if name or lastname: loc_db_user = AdsUserRecord.query.filter(AdsUserRecord.cookie_id == current_user.get_id()) #@UndefinedVariable user_rec = loc_db_user.first() if not user_rec: app.logger.error('logged in user doesn\'t have an entry in local mongo DB: %s' % login) return False, 'Error with account modification. Please try to logout and login again before trying again.', 'error' #make sure that if name or lastname are present, both are sent for the update if not name: name = user_rec.firstname if not lastname: lastname = user_rec.lastname try: classic_user = update_classic_user_info(current_user.user_rec.username, form.password.data, name, lastname) except TypeError: app.logger.error('ADS Classic account modification error: getting wrong json structure back. Tried to update name and lastname: %s' % login) return False, 'Problems in the account modification. Please try later.', 'error' if classic_user and classic_user.get('message') == 'ACCOUNT_UPDATED': update_params = {'firstname':name, 'lastname':lastname} loc_db_user.set(**update_params).execute() elif classic_user and classic_user.get('message') == 'WRONG_PASSWORD': app.logger.error('ADS Classic account modification error: wrong old password used. %s' % login) return False, 'The current password is wrong. Please try again.', 'error' else: app.logger.error('ADS Classic account modification error: return message not expected. %s' % login) return False, 'Problems in the account modification. Please try again.', 'error' if (name or lastname) and login: return True, 'Almost all the information have been updated. Please confirm your new email to update your username: a confirmation email has been sent to the new address.', 'warning' elif login and not (name or lastname): return True, 'You are almost done. Please confirm your new email to update your username: a confirmation email has been sent to the new address.', 'warning' elif (name or lastname) and not login: return True, 'All the changes have been applied.', 'success' #there should be no else else: app.logger.error('Account modification error. Case the app should never reach: %s' % login) return False, 'Error with account modification.', 'error'
def exp(): if not current_user.is_authenticated(): return render_template( 'experiment.html', img=exper.ALL_IMGS[0], label=exper.LABELS_BY_CAT['1'][0], preview=True, score=0.) new = True if not current_user.is_debriefed() else None current_user.set_debriefed(True) user_id = current_user.get_username() if current_user.participant.current_session.img_index == IMG_PER_SESSION: return redirect(url_for('tree')) if current_user.get_break(): current_user.finish_block() current_user.set_break(False) if TREE_ON_BLOCK: return redirect(url_for('tree')) part = current_user.participant if not QUIZ: return render_template('finish_block.html', quiz=False) best_session = current_user.get_best() score = part.current_session.correct block_count = len(part.current_session.blocks) best_blocks = sorted([b for b in best_session.blocks if b.finished_at], key=lambda b: b.finished_at)[:block_count+1] if not best_blocks: diffsign = 'equal' diff = 0 else: diffbest = score - sum([b.correct for b in best_blocks]) diff = abs(diffbest) diffsign = get_diffsign(diffbest) return render_template( 'finish_block.html', quiz=True, diffsign=diffsign, diff=diff, ) label, img, pair_index, block_index = current_user.get_current_pair() response = None if request.method == 'GET': correct = None elif request.method == 'POST': label = request.form.get('label') if QUIZ: input = request.form['res'] == '1' response = request.form['res'] actual = exper.check_pair(label, img) correct = (input == actual) current_user.update_correct(correct) current_user.add_response(img, label, response) current_user.advance_pair() part = current_user.participant if part.current_session.img_index == 0: current_score = 0. else: current_score = float(part.current_session.correct) / part.current_session.img_index if QUIZ: return render_template( 'experiment.html', quiz=True, label=label, img=img, correct=correct, res=response, pair_index=pair_index, block_size=BLOCKSIZE, block_index=block_index, block_count=BLOCKS, new=new, score=current_score) else: current_user.advance_pair() return render_template( 'experiment.html', quiz=False, label=label, img=img, new=new, block_size=BLOCKSIZE, block_index=block_index, block_count=BLOCKS)
def user(): username = current_user.get_username() new = True if not current_user.is_debriefed() else None return render_template('user.html', username=username, new=new)